In March, a cyberattack attributed to Iranian hackers disrupted parts of the Los Angeles transit system. The infiltration forced the temporary shutdown of some network sections of the Los Angeles County Metropolitan Transportation Authority (LACMTA). According to Israeli cybersecurity firm Gambit Security, these hackers seized at least 700 gigabytes of sensitive data, including emails and backups.
Uncovered Evidence
Gambit Security discovered the stolen information after it was inadvertently leaked online. Investigations linked the server containing the data to a known hacking group allegedly connected to Tehran. Requests for comments from Iran’s UN mission and Israel’s National Cyber Directorate went unanswered.
The LACMTA did not directly address the findings. However, officials stated they are collaborating with law enforcement and cyber experts to restore their networks. A press release emphasized that determining the attackers’ identity remains part of their ongoing investigation.
Ababil of Minab
Suspicion initially pointed towards a fringe pro-Iran group named Ababil of Minab, which has claimed responsibility. The group derives its name from a tragic event in Minab, Iran, where a school bombing killed many children and teachers.
This group’s activities align with the methods of vigilante hacker factions suspected to serve as proxies for Iranian intelligence. Gambit’s director of threat intelligence, Eyal Sela, highlighted their research providing forensic support for this connection.
As a firm partially founded by veterans of Unit 8200, Israel’s NSA equivalent, Gambit Security informed the relevant authorities about these revelations.
International Impact
Ababil has also taken responsibility for attacks on South Florida’s Tri-Rail system, Vyncs vehicle tracking, and the Saudi infrastructure firm Unimac. Tri-Rail recognized they had been hacked recently, but assured that critical data remained unaffected.
Vyncs, owned by Agnik, detected a breach on April 2, yet withheld specifics on compromised data. Both Tri-Rail and Agnik confirmed FBI involvement in their investigations. Unimac did not respond to inquiries.
Continued Operations
Aside from publicly acknowledged targets, Gambit reports Ababil hacked additional unnamed organizations, including Israeli media and educational entities, and a Turkish insurance firm, though they refrained from further identification.
These activities are part of broader digital offensives allegedly orchestrated by Iranian entities following hostilities initiated by the U.S. and Israel against Iran in late February. This campaign purportedly encompasses attacks on various sectors, from medical devices to fuel systems, with accusations of interfering in FBI operations.
SpaceX Secures $920 Million Monthly Deal with Google 
Protests Erupt in Albania Over Resort Development 
Clarity Sought on U.S. Troop Levels in Europe Amid Policy Changes 
U.S. Military Awaits Pentagon’s Clarification on Troop Levels in Europe 
Potential Ebola Outbreak in Central Africa Raises Concerns of Rapid Spread 
Meta and YouTube Ordered to Pay Damages in Landmark Social Media Lawsuit